1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Wireless Access Point
  5. ISR
  6. Configuration manual

Using A Radius Server To Restrict Ssids; Using Spaces In - Cisco ISR Configuration Manual

Wireless isr and hwic access point
Hide thumbs
Table of Contents

Advertisement

Chapter 3
Configuring Multiple SSIDs
Viewing SSIDs Configured Globally
Use this command to view configuration details for SSIDs that are configured globally:
router# show running-config ssid ssid-string
Using Spaces in SSIDs
In Cisco IOS Release 12.4(15)T, you can include spaces in an SSID, but trailing spaces (spaces at the
end of an SSID) are invalid. However, any SSIDs created in previous versions having trailing spaces are
recognized. Trailing spaces make it appear that you have identical SSIDs configured on the same access
point. If you think identical SSIDs are on the access point, use the show dot11 associations privileged
EXEC command to check any SSIDs created in a previous release for trailing spaces.
For example, this sample output from a show configuration privileged EXEC command does not show
spaces in SSIDs:
ssid buffalo
ssid buffalo
ssid buffalo
However, this sample output from a show dot11 associations privileged EXEC command shows the
spaces in the SSIDs:
SSID [buffalo] :
SSID [buffalo ] :
SSID [buffalo

Using a RADIUS Server to Restrict SSIDs

To prevent client devices from associating to the access point using an unauthorized SSID, you can
create a list of authorized SSIDs that clients must use on your RADIUS authentication server.
The SSID authorization process consists of these steps:
1.
2.
3.
OL-6415-04
vlan 77
authentication open
vlan 17
authentication open
vlan 7
authentication open
] :
A client device associates to the access point using any SSID configured on the access point.
The client begins RADIUS authentication.
The RADIUS server returns a list of SSIDs that the client is allowed to use. The access point checks
the list for a match of the SSID used by the client. There are three possible outcomes:
If the SSID that the client used to associate to the access point matches an entry in the allowed
a.
list returned by the RADIUS server, the client is allowed network access after completing all
authentication requirements.
If the access point does not find a match for the client in the allowed list of SSIDs, the access
b.
point disassociates the client.
c.
If the RADIUS server does not return any SSIDs (no list) for the client, then the administrator
has not configured the list, and the client is allowed to associate and attempt to authenticate.
Cisco Wireless ISR and HWIC Access Point Configuration Guide
Configuring Multiple SSIDs
3-5

Advertisement

Table of Contents
loading

Related Manuals for Cisco ISR

Related Content for Cisco ISR

This manual is also suitable for:

Hwic

Table of Contents